| /aosp_15_r20/out/target/product/shiba/obj/ETC/vendor_sepolicy.cil_intermediates/ |
| D | vendor_sepolicy.cil | 2063 (allow init_202404 hal_atrace_default_exec (file (read getattr map execute open)))
2064 (allow init_202404 hal_atrace_default (process (transition)))
2065 (allow hal_atrace_default hal_atrace_default_exec (file (read getattr map execute open entrypoint)))
2067 (allow init_202404 hal_atrace_default (process (siginh rlimitinh)))
2069 (allow hal_atrace_default debugfs_tracing_202404 (dir (ioctl read getattr lock open watch watch_rea…
2070 (allow hal_atrace_default debugfs_tracing_202404 (file (ioctl read write getattr lock append map op…
2071 (allow hal_atrace_default debugfs_tracing_debug_202404 (dir (ioctl read getattr lock open watch wat…
2072 (allow hal_atrace_default debugfs_tracing_debug_202404 (file (ioctl read write getattr lock append …
2073 (allow init_202404 hal_audio_default_exec (file (read getattr map execute open)))
2074 (allow init_202404 hal_audio_default (process (transition)))
[all …]
|
| /aosp_15_r20/out/target/product/shiba/vendor/etc/selinux/ |
| D | vendor_sepolicy.cil | 2063 (allow init_202404 hal_atrace_default_exec (file (read getattr map execute open)))
2064 (allow init_202404 hal_atrace_default (process (transition)))
2065 (allow hal_atrace_default hal_atrace_default_exec (file (read getattr map execute open entrypoint)))
2067 (allow init_202404 hal_atrace_default (process (siginh rlimitinh)))
2069 (allow hal_atrace_default debugfs_tracing_202404 (dir (ioctl read getattr lock open watch watch_rea…
2070 (allow hal_atrace_default debugfs_tracing_202404 (file (ioctl read write getattr lock append map op…
2071 (allow hal_atrace_default debugfs_tracing_debug_202404 (dir (ioctl read getattr lock open watch wat…
2072 (allow hal_atrace_default debugfs_tracing_debug_202404 (file (ioctl read write getattr lock append …
2073 (allow init_202404 hal_audio_default_exec (file (read getattr map execute open)))
2074 (allow init_202404 hal_audio_default (process (transition)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/vendor_sepolicy.cil/android_common/shiba/ |
| D | vendor_sepolicy.cil | 2063 (allow init_202404 hal_atrace_default_exec (file (read getattr map execute open)))
2064 (allow init_202404 hal_atrace_default (process (transition)))
2065 (allow hal_atrace_default hal_atrace_default_exec (file (read getattr map execute open entrypoint)))
2067 (allow init_202404 hal_atrace_default (process (siginh rlimitinh)))
2069 (allow hal_atrace_default debugfs_tracing_202404 (dir (ioctl read getattr lock open watch watch_rea…
2070 (allow hal_atrace_default debugfs_tracing_202404 (file (ioctl read write getattr lock append map op…
2071 (allow hal_atrace_default debugfs_tracing_debug_202404 (dir (ioctl read getattr lock open watch wat…
2072 (allow hal_atrace_default debugfs_tracing_debug_202404 (file (ioctl read write getattr lock append …
2073 (allow init_202404 hal_audio_default_exec (file (read getattr map execute open)))
2074 (allow init_202404 hal_audio_default (process (transition)))
[all …]
|
| /aosp_15_r20/system/sepolicy/private/ |
| H A D | system_server.te | 25 allow system_server zygote_tmpfs:file { map read };
26 allow system_server appdomain_tmpfs:file { getattr map read write };
29 allow system_server proc_filesystems:file r_file_perms;
32 allow system_server incremental_control_file:file { ioctl r_file_perms };
65 allow system_server sysfs_fs_incfs_metrics:file r_file_perms;
68 allow system_server sysfs_fs_f2fs:dir r_dir_perms;
69 allow system_server sysfs_fs_f2fs:file r_file_perms;
72 allow system_server sdk_sandbox_system_data_file:dir create_dir_perms;
75 allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
76 allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
[all …]
|
| /aosp_15_r20/system/sepolicy/prebuilts/api/34.0/private/ |
| H A D | system_server.te | 25 allow system_server zygote_tmpfs:file { map read };
26 allow system_server appdomain_tmpfs:file { getattr map read write };
29 allow system_server proc_filesystems:file r_file_perms;
32 allow system_server incremental_control_file:file { ioctl r_file_perms };
65 allow system_server sysfs_fs_incfs_metrics:file r_file_perms;
68 allow system_server sysfs_fs_f2fs:dir r_dir_perms;
69 allow system_server sysfs_fs_f2fs:file r_file_perms;
72 allow system_server sdk_sandbox_system_data_file:dir create_dir_perms;
75 allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
76 allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
[all …]
|
| /aosp_15_r20/system/sepolicy/prebuilts/api/33.0/private/ |
| H A D | system_server.te | 24 allow system_server zygote_tmpfs:file { map read };
25 allow system_server appdomain_tmpfs:file { getattr map read write };
28 allow system_server proc_filesystems:file r_file_perms;
31 allow system_server incremental_control_file:file { ioctl r_file_perms };
64 allow system_server sysfs_fs_incfs_metrics:file r_file_perms;
67 allow system_server sysfs_fs_f2fs:dir r_dir_perms;
68 allow system_server sysfs_fs_f2fs:file r_file_perms;
71 allow system_server sdk_sandbox_system_data_file:dir create_dir_perms;
74 allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
75 allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/prebuilts/api/30.0/30.0_plat_pub_versioned.cil/android_common/ |
| D | 30.0_plat_pub_versioned.cil | 4040 (allow adbd_30_0 property_socket_30_0 (sock_file (write)))
4041 (allow adbd_30_0 init_30_0 (unix_stream_socket (connectto)))
4042 (allow adbd_30_0 ctl_mdnsd_prop_30_0 (property_service (set)))
4043 (allow adbd_30_0 ctl_mdnsd_prop_30_0 (file (read getattr map open)))
4044 (allow apexd_30_0 servicemanager_30_0 (binder (call transfer)))
4045 (allow servicemanager_30_0 apexd_30_0 (binder (call transfer)))
4046 (allow servicemanager_30_0 apexd_30_0 (dir (search)))
4047 (allow servicemanager_30_0 apexd_30_0 (file (read open)))
4048 (allow servicemanager_30_0 apexd_30_0 (process (getattr)))
4049 (allow apexd_30_0 apex_service_30_0 (service_manager (add find)))
[all …]
|
| /aosp_15_r20/system/sepolicy/prebuilts/api/202404/private/ |
| H A D | system_server.te | 25 allow system_server zygote_tmpfs:file { map read };
26 allow system_server appdomain_tmpfs:file { getattr map read write };
29 allow system_server proc_filesystems:file r_file_perms;
32 allow system_server incremental_control_file:file { ioctl r_file_perms };
65 allow system_server sysfs_fs_incfs_metrics:file r_file_perms;
68 allow system_server sysfs_fs_f2fs:dir r_dir_perms;
69 allow system_server sysfs_fs_f2fs:file r_file_perms;
72 allow system_server sdk_sandbox_system_data_file:dir create_dir_perms;
75 allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
76 allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/prebuilts/api/34.0/34.0_plat_pub_versioned.cil/android_common/ |
| D | 34.0_plat_pub_versioned.cil | 4975 (allow adbd_34_0 shell_test_data_file_34_0 (dir (ioctl read write create getattr setattr lock renam…
4976 (allow adbd_34_0 shell_test_data_file_34_0 (file (ioctl read write create getattr setattr lock appe…
4977 (allow adbd_34_0 shell_test_data_file_34_0 (lnk_file (ioctl read write create getattr setattr lock …
4978 (allow apexd_34_0 servicemanager_34_0 (binder (call transfer)))
4979 (allow servicemanager_34_0 apexd_34_0 (binder (call transfer)))
4980 (allow servicemanager_34_0 apexd_34_0 (dir (search)))
4981 (allow servicemanager_34_0 apexd_34_0 (file (read open)))
4982 (allow servicemanager_34_0 apexd_34_0 (process (getattr)))
4983 (allow apexd_34_0 apex_service_34_0 (service_manager (add find)))
5191 (allow system_app_34_0 property_socket_34_0 (sock_file (write)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/prebuilts/api/32.0/32.0_plat_pub_versioned.cil/android_common/ |
| D | 32.0_plat_pub_versioned.cil | 4510 (allow adbd_32_0 shell_test_data_file_32_0 (dir (ioctl read write create getattr setattr lock renam…
4511 (allow adbd_32_0 shell_test_data_file_32_0 (file (ioctl read write create getattr setattr lock appe…
4512 (allow adbd_32_0 shell_test_data_file_32_0 (lnk_file (ioctl read write create getattr setattr lock …
4513 (allow apexd_32_0 servicemanager_32_0 (binder (call transfer)))
4514 (allow servicemanager_32_0 apexd_32_0 (binder (call transfer)))
4515 (allow servicemanager_32_0 apexd_32_0 (dir (search)))
4516 (allow servicemanager_32_0 apexd_32_0 (file (read open)))
4517 (allow servicemanager_32_0 apexd_32_0 (process (getattr)))
4518 (allow apexd_32_0 apex_service_32_0 (service_manager (add find)))
4523 (allow appdomain self (process (execmem)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/prebuilts/api/31.0/31.0_plat_pub_versioned.cil/android_common/ |
| D | 31.0_plat_pub_versioned.cil | 4507 (allow adbd_31_0 shell_test_data_file_31_0 (dir (ioctl read write create getattr setattr lock renam…
4508 (allow adbd_31_0 shell_test_data_file_31_0 (file (ioctl read write create getattr setattr lock appe…
4509 (allow adbd_31_0 shell_test_data_file_31_0 (lnk_file (ioctl read write create getattr setattr lock …
4510 (allow apexd_31_0 servicemanager_31_0 (binder (call transfer)))
4511 (allow servicemanager_31_0 apexd_31_0 (binder (call transfer)))
4512 (allow servicemanager_31_0 apexd_31_0 (dir (search)))
4513 (allow servicemanager_31_0 apexd_31_0 (file (read open)))
4514 (allow servicemanager_31_0 apexd_31_0 (process (getattr)))
4515 (allow apexd_31_0 apex_service_31_0 (service_manager (add find)))
4520 (allow appdomain self (process (execmem)))
[all …]
|
| /aosp_15_r20/system/sepolicy/prebuilts/api/32.0/private/ |
| H A D | system_server.te | 23 allow system_server zygote_tmpfs:file read;
24 allow system_server appdomain_tmpfs:file { getattr map read write };
27 allow system_server proc_filesystems:file r_file_perms;
30 allow system_server incremental_control_file:file { ioctl r_file_perms };
63 allow system_server sysfs_fs_incfs_metrics:file r_file_perms;
66 allow system_server sysfs_fs_f2fs:dir r_dir_perms;
67 allow system_server sysfs_fs_f2fs:file r_file_perms;
70 allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
71 allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
75 with_asan(`allow system_server dalvikcache_data_file:lnk_file r_file_perms;')
[all …]
|
| /aosp_15_r20/system/sepolicy/prebuilts/api/31.0/private/ |
| H A D | system_server.te | 23 allow system_server zygote_tmpfs:file read;
24 allow system_server appdomain_tmpfs:file { getattr map read write };
27 allow system_server proc_filesystems:file r_file_perms;
30 allow system_server incremental_control_file:file { ioctl r_file_perms };
63 allow system_server sysfs_fs_incfs_metrics:file r_file_perms;
66 allow system_server sysfs_fs_f2fs:dir r_dir_perms;
67 allow system_server sysfs_fs_f2fs:file r_file_perms;
70 allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
71 allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
75 with_asan(`allow system_server dalvikcache_data_file:lnk_file r_file_perms;')
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/prebuilts/api/33.0/33.0_plat_pub_versioned.cil/android_common/ |
| D | 33.0_plat_pub_versioned.cil | 4775 (allow adbd_33_0 shell_test_data_file_33_0 (dir (ioctl read write create getattr setattr lock renam…
4776 (allow adbd_33_0 shell_test_data_file_33_0 (file (ioctl read write create getattr setattr lock appe…
4777 (allow adbd_33_0 shell_test_data_file_33_0 (lnk_file (ioctl read write create getattr setattr lock …
4778 (allow apexd_33_0 servicemanager_33_0 (binder (call transfer)))
4779 (allow servicemanager_33_0 apexd_33_0 (binder (call transfer)))
4780 (allow servicemanager_33_0 apexd_33_0 (dir (search)))
4781 (allow servicemanager_33_0 apexd_33_0 (file (read open)))
4782 (allow servicemanager_33_0 apexd_33_0 (process (getattr)))
4783 (allow apexd_33_0 apex_service_33_0 (service_manager (add find)))
4997 (allow system_app_33_0 property_socket_33_0 (sock_file (write)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/recovery_sepolicy.cil/android_common/shiba/ |
| D | recovery_sepolicy.cil | 9439 (allow vendor_init property_socket (sock_file (write)))
9440 (allow vendor_init init (unix_stream_socket (connectto)))
9441 (allow vendor_init apexd_config_prop (property_service (set)))
9442 (allow vendor_init apexd_config_prop (file (read getattr map open)))
9448 (allow vendor_init property_socket (sock_file (write)))
9449 (allow vendor_init init (unix_stream_socket (connectto)))
9450 (allow vendor_init apexd_select_prop (property_service (set)))
9451 (allow vendor_init apexd_select_prop (file (read getattr map open)))
9457 (allow vendor_init property_socket (sock_file (write)))
9458 (allow vendor_init init (unix_stream_socket (connectto)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/prebuilts/api/29.0/29.0_plat_pub_versioned.cil/android_common/ |
| D | 29.0_plat_pub_versioned.cil | 3644 (allow adbd_29_0 property_socket_29_0 (sock_file (write)))
3645 (allow adbd_29_0 init_29_0 (unix_stream_socket (connectto)))
3646 (allow adbd_29_0 ctl_mdnsd_prop_29_0 (property_service (set)))
3647 (allow adbd_29_0 ctl_mdnsd_prop_29_0 (file (read getattr map open)))
3648 (allow apexd_29_0 servicemanager_29_0 (binder (call transfer)))
3649 (allow servicemanager_29_0 apexd_29_0 (dir (search)))
3650 (allow servicemanager_29_0 apexd_29_0 (file (read open)))
3651 (allow servicemanager_29_0 apexd_29_0 (process (getattr)))
3652 (allow apexd_29_0 apex_service_29_0 (service_manager (add find)))
3654 (allow apexd_29_0 property_socket_29_0 (sock_file (write)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/vendor_sepolicy.cil.raw/android_common/shiba/ |
| D | vendor_sepolicy.cil.raw | 7201 (allow vendor_init property_socket (sock_file (write)))
7202 (allow vendor_init init (unix_stream_socket (connectto)))
7203 (allow vendor_init apexd_config_prop (property_service (set)))
7204 (allow vendor_init apexd_config_prop (file (read getattr map open)))
7210 (allow vendor_init property_socket (sock_file (write)))
7211 (allow vendor_init init (unix_stream_socket (connectto)))
7212 (allow vendor_init apexd_select_prop (property_service (set)))
7213 (allow vendor_init apexd_select_prop (file (read getattr map open)))
7219 (allow vendor_init property_socket (sock_file (write)))
7220 (allow vendor_init init (unix_stream_socket (connectto)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/recovery_sepolicy.conf/android_common/shiba/ |
| D | recovery_sepolicy.conf | 3380 # Allow a transition from olddomain to newdomain
3399 # Allow domain to create a file labeled file_type in a
3418 # Allow the specified domain to read directories, files
3425 # Allow access to a unique type for this domain when creating tmpfs / ashmem files.
3473 # Allow domain to create/use userfaultfd.
3479 # Allow domain to create and communicate with a virtual machine using
3486 # Allow domain to create and communicate with an early virtual machine using
3493 # Allow a base set of permissions required for all apps.
3499 # Allow a base set of permissions required for all untrusted apps.
3505 # Allow a base set of permissions required for all isolated apps.
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/prebuilts/api/30.0/30.0_product_pub_policy.cil/android_common/ |
| D | 30.0_product_pub_policy.cil | 3663 (allow adbd property_socket (sock_file (write)))
3664 (allow adbd init (unix_stream_socket (connectto)))
3665 (allow adbd ctl_mdnsd_prop (property_service (set)))
3666 (allow adbd ctl_mdnsd_prop (file (read getattr map open)))
3667 (allow apexd servicemanager (binder (call transfer)))
3668 (allow servicemanager apexd (binder (call transfer)))
3669 (allow servicemanager apexd (dir (search)))
3670 (allow servicemanager apexd (file (read open)))
3671 (allow servicemanager apexd (process (getattr)))
3672 (allow apexd apex_service (service_manager (add find)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/sepolicy_neverallows.sepolicy_analyze.conf/android_common/ |
| D | sepolicy_neverallows.sepolicy_analyze.conf | 3380 # Allow a transition from olddomain to newdomain
3399 # Allow domain to create a file labeled file_type in a
3418 # Allow the specified domain to read directories, files
3425 # Allow access to a unique type for this domain when creating tmpfs / ashmem files.
3473 # Allow domain to create/use userfaultfd.
3479 # Allow domain to create and communicate with a virtual machine using
3486 # Allow domain to create and communicate with an early virtual machine using
3493 # Allow a base set of permissions required for all apps.
3499 # Allow a base set of permissions required for all untrusted apps.
3505 # Allow a base set of permissions required for all isolated apps.
[all …]
|
| /aosp_15_r20/system/sepolicy/prebuilts/api/30.0/private/ |
| H A D | system_server.te | 21 allow system_server zygote_tmpfs:file read;
22 allow system_server appdomain_tmpfs:file { getattr map read write };
25 allow system_server proc_filesystems:file r_file_perms;
28 allow system_server incremental_control_file:file { ioctl r_file_perms };
35 allow system_server dalvikcache_data_file:dir r_dir_perms;
36 allow system_server dalvikcache_data_file:file r_file_perms;
40 with_asan(`allow system_server dalvikcache_data_file:lnk_file r_file_perms;')
43 allow system_server resourcecache_data_file:file r_file_perms;
44 allow system_server resourcecache_data_file:dir r_dir_perms;
47 allow system_server self:process ptrace;
[all …]
|
| /aosp_15_r20/system/sepolicy/prebuilts/api/29.0/private/ |
| H A D | system_server.te | 17 allow system_server zygote_tmpfs:file read;
18 allow system_server appdomain_tmpfs:file { getattr map read write };
21 allow system_server dalvikcache_data_file:dir r_dir_perms;
22 allow system_server dalvikcache_data_file:file r_file_perms;
26 with_asan(`allow system_server dalvikcache_data_file:lnk_file r_file_perms;')
29 allow system_server resourcecache_data_file:file r_file_perms;
30 allow system_server resourcecache_data_file:dir r_dir_perms;
33 allow system_server self:process ptrace;
36 allow system_server zygote:fd use;
37 allow system_server zygote:process sigchld;
[all …]
|
| /aosp_15_r20/out/target/product/shiba/system/etc/selinux/ |
| D | plat_sepolicy.cil | 7947 (allow vendor_init property_socket (sock_file (write)))
7948 (allow vendor_init init (unix_stream_socket (connectto)))
7949 (allow vendor_init apexd_config_prop (property_service (set)))
7950 (allow vendor_init apexd_config_prop (file (read getattr map open)))
7956 (allow vendor_init property_socket (sock_file (write)))
7957 (allow vendor_init init (unix_stream_socket (connectto)))
7958 (allow vendor_init apexd_select_prop (property_service (set)))
7959 (allow vendor_init apexd_select_prop (file (read getattr map open)))
7965 (allow vendor_init property_socket (sock_file (write)))
7966 (allow vendor_init init (unix_stream_socket (connectto)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/userdebug_plat_sepolicy.cil/android_common/ |
| D | userdebug_plat_sepolicy.cil | 7947 (allow vendor_init property_socket (sock_file (write)))
7948 (allow vendor_init init (unix_stream_socket (connectto)))
7949 (allow vendor_init apexd_config_prop (property_service (set)))
7950 (allow vendor_init apexd_config_prop (file (read getattr map open)))
7956 (allow vendor_init property_socket (sock_file (write)))
7957 (allow vendor_init init (unix_stream_socket (connectto)))
7958 (allow vendor_init apexd_select_prop (property_service (set)))
7959 (allow vendor_init apexd_select_prop (file (read getattr map open)))
7965 (allow vendor_init property_socket (sock_file (write)))
7966 (allow vendor_init init (unix_stream_socket (connectto)))
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/system/sepolicy/plat_sepolicy.cil/android_common/ |
| D | plat_sepolicy.cil | 7947 (allow vendor_init property_socket (sock_file (write)))
7948 (allow vendor_init init (unix_stream_socket (connectto)))
7949 (allow vendor_init apexd_config_prop (property_service (set)))
7950 (allow vendor_init apexd_config_prop (file (read getattr map open)))
7956 (allow vendor_init property_socket (sock_file (write)))
7957 (allow vendor_init init (unix_stream_socket (connectto)))
7958 (allow vendor_init apexd_select_prop (property_service (set)))
7959 (allow vendor_init apexd_select_prop (file (read getattr map open)))
7965 (allow vendor_init property_socket (sock_file (write)))
7966 (allow vendor_init init (unix_stream_socket (connectto)))
[all …]
|